resolutionflow/backend/app/api/endpoints at c724ad80621cc11e9e1484c9c359f07ed7cbf9fb - resolutionflow - ResolutionFlow - Gitea

chihlasm/resolutionflow

Files

History

Michael Chihlas c724ad8062 fix: prevent race conditions in token operations and auth flows

Backend:
- Refresh token rotation: use atomic UPDATE...WHERE revoked_at IS NULL
  to prevent concurrent refresh requests from both succeeding
- Account invite codes: SELECT FOR UPDATE to prevent double-spend
- Platform invite codes: SELECT FOR UPDATE to prevent double-spend
- Password reset tokens: SELECT FOR UPDATE to prevent double-use
- Email verification tokens: SELECT FOR UPDATE to prevent double-use

Frontend:
- Token refresh subscriber arrays: swap before iterating so a throwing
  callback doesn't leave the queue in a dirty state

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-09 17:20:38 -04:00

..

__init__.py

Initial commit: Backend API Phase 1a complete

2026-01-22 14:38:53 -05:00

accounts.py

feat: Slate & Ice Modern aesthetic redesign (#94 )

2026-03-04 20:44:25 -05:00

admin_audit.py

feat: implement full admin panel with dashboard, user management, and platform settings

2026-02-08 06:05:59 -05:00

admin_categories.py

feat: implement full admin panel with dashboard, user management, and platform settings

2026-02-08 06:05:59 -05:00

admin_dashboard.py

feat: implement full admin panel with dashboard, user management, and platform settings

2026-02-08 06:05:59 -05:00

admin_feature_flags.py

feat: implement full admin panel with dashboard, user management, and platform settings

2026-02-08 06:05:59 -05:00

admin_plan_limits.py

feat: implement full admin panel with dashboard, user management, and platform settings

2026-02-08 06:05:59 -05:00

admin_settings.py

feat: implement full admin panel with dashboard, user management, and platform settings

2026-02-08 06:05:59 -05:00

admin_survey.py

feat: Flow Transfer, Procedural Assist & UI Design System (#97 )

2026-03-07 18:44:14 -05:00

admin.py

feat: super admin promote/demote endpoint + admin panel UI

2026-02-24 23:05:42 -05:00

ai_builder.py

fix: use correct google-genai async API and remove debug endpoint

2026-02-27 00:08:20 -05:00

ai_chat.py

feat: flow export/import + procedural Flow Assist (#96 )

2026-03-07 15:51:37 -05:00

ai_fix.py

feat: add POST /ai/fix-tree endpoint for AI-powered validation fixes

2026-02-26 17:25:38 -05:00

ai_suggestions.py

feat: flow export/import + procedural Flow Assist (#96 )

2026-03-07 15:51:37 -05:00

analytics.py

feat: analytics dashboards & two-tier feedback system (#78 )

2026-02-16 15:23:14 -05:00

assistant_chat.py

fix: resolve MissingGreenlet crash and add MCP fallback in AI Assistant

2026-03-08 15:43:22 -04:00

auth.py

fix: prevent race conditions in token operations and auth flows

2026-03-09 17:20:38 -04:00

categories.py

feat: update all endpoints and schemas for account-based model

2026-02-07 02:39:01 -05:00

copilot.py

feat: Slate & Ice Modern aesthetic redesign (#94 )

2026-03-04 20:44:25 -05:00

feedback.py

feat: add POST /feedback endpoint with DB persistence and dual emails

2026-02-18 17:43:21 -05:00

folders.py

fix: high-severity security hardening (Phase B permissions audit)

2026-02-05 22:44:05 -05:00

invite.py

feat: add resend capability for platform and account invite codes

2026-02-11 23:45:23 -05:00

maintenance_schedules.py

fix: stabilize maintenance flow run/resume and procedural scrolling

2026-02-17 20:12:07 -05:00

ratings.py

feat: analytics dashboards & two-tier feedback system (#78 )

2026-02-16 15:23:14 -05:00

sessions.py

feat: Step Library sync + service account for default tree ownership

2026-02-25 23:17:29 -05:00

shared.py

feat: implement tree sharing, draft trees, and session-to-tree conversion (Issues #16 , #25 , #17 )

2026-02-07 23:06:13 -05:00

shares.py

feat: add tree forking, custom step tracking, and session sharing

2026-02-07 19:10:47 -05:00

step_categories.py

feat: update all endpoints and schemas for account-based model

2026-02-07 02:39:01 -05:00

steps.py

feat: Step Library sync + service account for default tree ownership

2026-02-25 23:17:29 -05:00

survey.py

feat: AI chat conclusion + survey completion & management (#95 )

2026-03-05 22:43:02 -05:00

tags.py

feat: update all endpoints and schemas for account-based model

2026-02-07 02:39:01 -05:00

target_lists.py

fix: apply code review security and robustness fixes

2026-02-17 16:15:19 -05:00

tree_markdown.py

feat: add dual-mode tree editor with Code Mode, variables, and markdown sync

2026-02-10 09:45:26 -05:00

tree_transfer.py

feat: flow export/import + procedural Flow Assist (#96 )

2026-03-07 15:51:37 -05:00

trees.py

feat: flow export/import + procedural Flow Assist (#96 )

2026-03-07 15:51:37 -05:00

webhooks.py

feat: update all endpoints and schemas for account-based model

2026-02-07 02:39:01 -05:00